[Sderby] Pings on other networks

[Paul Grosse]

Folks,

I've been using the LaBrea tarpit to monitor the unsolicited pings on the
NTL broadband network and found the level and cycle as follows...

Hour Pings
00    44
01    30
02    20
03    24
04    19
05    25
06    22
07    20
08    27
09    29
10    37
11    51
12    49
13    57
14    58
15    59
16    96
17    77
18    95
19    91
20   101
21    95
22    85
23    55

This is for a week day (mon to tues). I know that ntl firewall off their
pings (or at least claim to) and that it appears that other networks do as
well -- only a few from outside ntl's network block.

To get this data, I configure the firewall to allow pings through to a
non-existent address which LaBrea then tarpits. I ran LaBrea on a Linux box
(SuSE 8.2 professional) for 24 hours or so, using (as su)...
labrea -dozvv
and collecting the data off the shell and pasting it into a text file.

If you plot it, you will see that night time is fairly quiet, then daytime
users come online (businesses??) but the real increase starts when the kids
get home from school and turn on their windows boxes with a broad peak
between 4pm and 10pm.

Is anybody else on any other network (BT et al) aware of the level of pings
(before Nachi finishes in a few weeks time) on their ISP's network block?

Is is similar in level to this (bear in mind that I have monitored levels of
around 300 or so per hour at weekend peaks)?

Paul Grosse